Mozilla has admitted that one of the two experimental add-ons for the Firefox browser it said contained malware was in fact a false positive.

Version 4.0 of the Sothink Video Downloader, which Mozilla previously said included the Win32/Ldpinch.gen:Win32/Ldpinch.gen password sniffing malware, after further investigation, has been found to be free of malware.

__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump

Couple things to note: 1) add-ons are not created by Mozilla but are scanned by their custom virus scanner when they are issued to Mozilla and 2) it's like Microsoft having to protect Windows from every software package by any 3rd party that puts one out.

That was back in the firebird/firefox 0.x/1.x days, since then the firefox team has added some non-base features, but the program still relies heavily on 3rd party extensions.

This is different from IE or Opera, while it is possible to run extensions, it's not as common or 'necessary'.

From personal experience, I know the 'firefox model' doesn't exactly help with the speed, stability, and overall security of the browser.
This is about malicious intent (malware), but I would bet there are more than a few extensions with (unintentional) security flaws in them ...

__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.